int (*spare_fptr1)();
-#define SASL_CB_FLAG_NONE 0 /* client did not support CB */
-#define SASL_CB_FLAG_USED 1 /* client supports and used CB */
-#define SASL_CB_FLAG_WANT 2 /* client supports CB, thinks server does not */
- int chanbindingflag;
+#define SASL_CB_FLAG_NONE 0x00 /* client did not support CB */
+#define SASL_CB_FLAG_USED 0x01 /* client supports CB, thinks server does not */
+#define SASL_CB_FLAG_WANT 0x02 /* client supports and used CB */
+#define SASL_CB_FLAG_CRIT 0x10 /* client requires CB */
+ int chanbindingflags;
#define SASL_CB_PRESENT(params) ((params)->chanbindingtype != NULL && (params)->chanbindinglen)
int chanbindinglen;
int spare_int3;
cmechanism_t *m=NULL,*bestm=NULL;
size_t i, list_len;
sasl_ssf_t bestssf = 0, minssf = 0;
- int result, server_can_cb = 0;
+ int result, server_can_cb = 0, cb_flag;
if(_sasl_client_active==0) return SASL_NOTINIT;
&list_len,
&server_can_cb);
if (result != 0)
- return result;
+ goto done;
- if (SASL_CB_PRESENT(c_conn->cparams) && server_can_cb)
- c_conn->cparams->chanbindingflag = SASL_CB_FLAG_WANT;
- else
- c_conn->cparams->chanbindingflag = SASL_CB_FLAG_NONE;
+ if (SASL_CB_PRESENT(c_conn->cparams)) {
+ if (server_can_cb == 0 &&
+ (c_conn->cparams->chanbindingflags & SASL_CB_FLAG_CRIT)) {
+ result = SASL_NOMECH;
+ goto done;
+ } else {
+ cb_flag = SASL_CB_FLAG_WANT;
+ }
+ } else {
+ cb_flag = SASL_CB_FLAG_NONE;
+ }
for (i = 0, name = ordered_mechs; i < list_len; i++) {
/* foreach in client list */
/* Prefer server advertised CB mechanisms */
if (SASL_CB_PRESENT(c_conn->cparams) && plus)
- c_conn->cparams->chanbindingflag = SASL_CB_FLAG_USED;
+ cb_flag = SASL_CB_FLAG_USED;
if (mech) {
*mech = m->m.plug->mech_name;
c_conn->cparams->external_ssf = conn->external.ssf;
c_conn->cparams->props = conn->props;
+ c_conn->cparams->chanbindingflags |= cb_flag;
c_conn->mech = bestm;
/* init that plugin */
((sasl_client_conn_t *)conn)->cparams->chanbindingtype = cb->type;
((sasl_client_conn_t *)conn)->cparams->chanbindingdata = cb->data;
((sasl_client_conn_t *)conn)->cparams->chanbindinglen = cb->len;
+ if (cb->critical != 0)
+ ((sasl_client_conn_t *)conn)->cparams->chanbindingflags |= SASL_CB_FLAG_CRIT;
+ else
+ ((sasl_client_conn_t *)conn)->cparams->chanbindingflags &= ~(SASL_CB_FLAG_CRIT);
}
break;
}